Lucene search
K

6939 matches found

Debian CVE
Debian CVE
added 2015/01/21 2:0 a.m.32 views

CVE-2014-0191

The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation i...

4.3CVSS7.2AI score0.081EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.40 views

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2010_4008_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which...

4.3CVSS6.3AI score0.03448EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.23 views

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2013_0338_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service CPU and memory consumption via an XML file containing an entity declaration with long replacement text and many referenc...

4.3CVSS7.2AI score0.02972EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.40 views

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2012_5134_buffer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a...

6.8CVSS8.7AI score0.04382EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.40 views

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2014_0191_denial_of)

The remote Solaris system is missing necessary patches to address security updates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Oracle Third Party software advisories. include'deprecatednasllevel.inc';...

4.3CVSS6.9AI score0.081EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.26 views

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2011_0216_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow and application crash via a crafted web site...

9.3CVSS9.1AI score0.0531EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.32 views

Oracle Solaris Third-Party Patch Update : libxml2 (cve_2013_1969_resource_management)

The remote Solaris system is missing necessary patches to address security updates : - Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors...

7.5CVSS9.1AI score0.03786EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.33 views

Fedora Update for mingw-libxml2 FEDORA-2014-17609

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS8.5AI score0.081EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.45 views

Fedora Update for mingw-libxml2 FEDORA-2014-17573

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS8.5AI score0.081EPSS
Exploits1References2
Fedora
Fedora
added 2015/01/02 5:1 a.m.36 views

[SECURITY] Fedora 20 Update: mingw-libxml2-2.9.2-1.fc20

MinGW Windows libxml2 XML processing library...

4.3CVSS2.4AI score0.081EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/01/02 12:0 a.m.32 views

Fedora 21 : mingw-libxml2-2.9.2-1.fc21 (2014-17609)

Update to libxml2 2.9.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

4.3CVSS6.9AI score0.081EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/01/02 12:0 a.m.26 views

Fedora 20 : mingw-libxml2-2.9.2-1.fc20 (2014-17573)

Update to libxml2 2.9.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

4.3CVSS6.9AI score0.081EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.33 views

Mandriva Linux Security Advisory : openafs (MDVSA-2014:244)

Multiple vulnerabilities has been found and corrected in openafs : Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry CVE-2013-1794. Integer...

6.5CVSS7.5AI score0.03988EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.35 views

GLSA-201412-06 : libxml2: Denial of Service

The remote host is affected by the vulnerability described in GLSA-201412-06 libxml2: Denial of Service parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled. Impact : A context-dependent attacker could entice a user to a...

5CVSS6.6AI score0.03988EPSS
Exploits1References2
myhack58
myhack58
added 2014/12/11 12:0 a.m.43 views

VMware fixes XSS vulnerabilities and a certificate validation issue-bug warning-the black bar safety net

VMware this week released a series of patches fixes multiple vulnerabilities, including its server virtualization platform. A vulnerability exists in VMware vCenter Server Appliance vCSAis a VMware vCenter Server of a component. The mainXSSVulnerabilityCVE-2 0 1 4-3 7 9 7by Trustware Spiderlabs...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2014/12/11 12:0 a.m.78 views

NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2014-0012 Synopsis: VMware vSphere product updates address security vulnerabilities Issue date: 2014-12-04 Updated on: 2014-12-04...

6.4CVSS8.2AI score0.081EPSS
Exploits3
Gentoo Linux
Gentoo Linux
added 2014/12/10 12:0 a.m.42 views

libxml2: Denial of service

Background libxml2 is the XML C parser and toolkit developed for the Gnome project. Description parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled. Impact A context-dependent attacker could entice a user to a specially craft...

5CVSS6.5AI score0.03988EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/12/06 12:0 a.m.56 views

VMSA-2014-0012 : VMware vSphere product updates address security vulnerabilities

a. VMware vCSA cross-site scripting vulnerability VMware vCenter Server Appliance vCSA contains a vulnerability that may allow for Cross Site Scripting. Exploitation of this vulnerability in vCenter Server requires tricking a user to click on a malicious link or to open a malicious web page. VMwa...

6.4CVSS6.5AI score0.081EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2014/12/05 12:0 a.m.36 views

F5 Networks BIG-IP : libxml2 vulnerability (SOL15872)

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...

5CVSS6.3AI score0.03988EPSS
Exploits1References2
F5 Networks
F5 Networks
added 2014/12/04 12:0 a.m.46 views

SOL15872 - libxml2 vulnerability CVE-2014-3660

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...

5CVSS5.9AI score0.03988EPSS
Exploits1References5
Rows per page
Query Builder